package com.kuang.demo.config.wx;

import org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.apache.shiro.web.session.mgt.DefaultWebSessionManager;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;


import java.util.LinkedHashMap;

@Configuration
public class PermissionConfig {

    @Bean
    public DefaultWebSecurityManager securityManager(Authoriz authoriz){

        DefaultWebSecurityManager defaultWebSecurityManager = new DefaultWebSecurityManager();
        defaultWebSecurityManager.setRealm(authoriz);
        defaultWebSecurityManager.setSessionManager(webSessionManager());
        return defaultWebSecurityManager;
    }

    @Bean
    public ShiroFilterFactoryBean shiroFilterFactoryBean(DefaultWebSecurityManager securityManager){
        ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();
        shiroFilterFactoryBean.setSecurityManager(securityManager);
        //TODO:验证失败,没有权限
        shiroFilterFactoryBean.setLoginUrl("/");


        //对哪些方法进行过滤，现在先放行所有的
        //TODO：权限
        LinkedHashMap<String, String> mappers = new LinkedHashMap<>();
        mappers.put("/**","anon");

        shiroFilterFactoryBean.setFilterChainDefinitionMap(mappers);
        return shiroFilterFactoryBean;
    }

    @Bean
    public DefaultWebSessionManager webSessionManager(){
        DefaultWebSessionManager sessionConfig = new SessionConfig();
        return sessionConfig;
    }

    @Bean
    public AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor(DefaultWebSecurityManager defaultWebSecurityManager){
        AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor = new AuthorizationAttributeSourceAdvisor();
        authorizationAttributeSourceAdvisor.setSecurityManager(defaultWebSecurityManager);

        return authorizationAttributeSourceAdvisor;
    }

}
